Vulnerabilities > Improper Authentication

DATE CVE VULNERABILITY TITLE RISK
2024-06-14 CVE-2024-37367 Improper Authentication vulnerability in Rockwellautomation Factorytalk View 12.0/13.0
A user authentication vulnerability exists in the Rockwell Automation FactoryTalk® View SE v12.
network
low complexity
rockwellautomation CWE-287
7.5
2024-06-13 CVE-2024-22441 Improper Authentication vulnerability in HPE Cray Parallel Application Launch Service
HPE Cray Parallel Application Launch Service (PALS) is subject to an authentication bypass.
network
low complexity
hpe CWE-287
critical
9.8
2024-06-10 CVE-2022-45168 Improper Authentication vulnerability in Liveboxcloud Vdesk
An issue was discovered in LIVEBOX Collaboration vDesk through v018.
network
low complexity
liveboxcloud CWE-287
6.5
2024-06-06 CVE-2024-5658 Improper Authentication vulnerability in Born05 Two-Factor Authentication
The CraftCMS plugin Two-Factor Authentication through 3.3.3 allows reuse of TOTP tokens multiple times within the validity period.
network
low complexity
born05 CWE-287
6.5
2024-06-05 CVE-2023-50804 Improper Authentication vulnerability in Samsung products
An issue was discovered in Samsung Mobile Processor, and Modem Exynos 9820, Exynos 9825, Exynos 980, Exynos 990, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300.
network
low complexity
samsung CWE-287
5.3
2024-06-04 CVE-2024-35670 Improper Authentication vulnerability in Softlabbd Integrate Google Drive
Broken Authentication vulnerability in SoftLab Integrate Google Drive.This issue affects Integrate Google Drive: from n/a through 1.3.93.
network
low complexity
softlabbd CWE-287
critical
9.8
2024-04-25 CVE-2024-4024 Improper Authentication vulnerability in Gitlab
An issue has been discovered in GitLab CE/EE affecting all versions starting from 7.8 before 16.9.6, all versions starting from 16.10 before 16.10.4, all versions starting from 16.11 before 16.11.1.
network
low complexity
gitlab CWE-287
8.8
2024-03-08 CVE-2024-23255 Improper Authentication vulnerability in Apple Ipad OS and Iphone OS
An authentication issue was addressed with improved state management.
low complexity
apple CWE-287
2.4
2024-02-22 CVE-2023-52160 Improper Authentication vulnerability in multiple products
The implementation of PEAP in wpa_supplicant through 2.10 allows authentication bypass.
network
low complexity
debian redhat fedoraproject w1-fi CWE-287
6.5
2024-02-22 CVE-2023-52161 Improper Authentication vulnerability in Intel Inet Wireless Daemon
The Access Point functionality in eapol_auth_key_handle in eapol.c in iNet wireless daemon (IWD) before 2.14 allows attackers to gain unauthorized access to a protected Wi-Fi network.
network
low complexity
intel CWE-287
7.5